Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2017-7569

In vBulletin before 5.3.0, remote attackers can bypass the CVE-2016-6483 patch and conduct SSRF attacks by leveraging the behavior of the PHP parse_url function, aka VBV-17037.

  • Published: Apr 6, 2017
  • Updated: Apr 13, 2023
  • CVE: CVE-2017-7569
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 8.6
  • AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:P/A:N

CWEs:

Software From Fixed in
vbulletin / vbulletin - 5.2.6.x